bug(rootio): Trivy doesn't detect root.io `provider` when looking in `dpkg`

## Description
Trivy uses only `Version` field to detect `root.io` packages:
https://github.com/aquasecurity/trivy/blob/d898543e771c519be1efcb8a9b0bded0d8f3a8f2/pkg/detector/ospkg/rootio/provider.go#L39-L46
But `dpkg` packages also contain `Release` and `Epoch` fields.
`root.io` suffix is part of `Release` field, That is why Trivy doesn't detect `root.io` debian/ubuntu images.

	func hasPackageWithPattern(pkgs []ftypes.Package, pattern *regexp.Regexp) bool {
	for _, pkg := range pkgs {
	if pattern.MatchString(utils.FormatVersion(pkg)) {
	return true
	}
	}
	return false
	}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bug(rootio): Trivy doesn't detect root.io `provider` when looking in `dpkg` #9118

Description

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

bug(rootio): Trivy doesn't detect root.io provider when looking in dpkg #9118

Description

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions

bug(rootio): Trivy doesn't detect root.io `provider` when looking in `dpkg` #9118